[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
A case for SSL specialist programmers
Hi, to some https super gurus maybe on this forum!
I´ve did some easy research over the net about different approach
for websites fooling out real IP numbers from users, and besides
the usual stuff (javascript, active-x, flash plugins etc) I get
some hints about the https SSL protocol itself may collect the
users real IP, also when the user is using anonymizers.
When I check at the https://proxify.com/whoami/ trough Tor, I
only see the Tor exit node IP and not my real. Same thing when
cheking my SSL webmail accounts log of login IP and also in
the headers of emails send from that https webmail, it only
shows the Tor exit node IP.
The question is then, are that perhaps any hidden information
streams into the SSL connection, that is able to get the real
IP, but only make the last IP (Tor exit node) visible to user?
Or is it that simple, when the Tor IP is showed, then it´s the
only IP the https website collect?
Thanks for any answer of knowledge.
--
http://www.fastmail.fm - The way an email service should be